AUTHENTICATING THE CONTENTS OF E-DOCUMENTS 



Field of the Invention 

The present invention relates to a method of authenticating the contents of e-mail, 
including attachments. More particularly, the present invention relates to a method of 
authentication based on the use of encryption technology. 

Background of the Invention 

Advances in technology and the dramatic growth of the Internet have allowed 
companies to perform increasing amounts of business electronically. The use of 
electronic mail is increasing at exponential rates, as businesses prefer to communicate 
electronically. 

While companies increasingly prefer to perform business and correspondence via 
electronic mail, there are a number of inherent problems, including: 

1) verification of the source of the communication; 

2) ensuring the privacy of the communication; 

3) certifying the delivery of the communication; and 

4) ensuring the communication is not modified by the recipient. 
The present invention solves the fourth problem listed above. 

Prior Art 

Ensuring that an email communication has not modified by the recipient can be 
accomplished whereby both the sender and/or recipient implement extraneous software 
dedicated for secure transfer. One such example is "Zixmail" located at www.zixit.com. 
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Either the sender or both sender/receiver require zixit technology (patent pending) 
software for ensuring email communication. Another company, www.verisign.com also 
offers a similar service; however, extraneous, dedicated software (patent pending) is a 
requirement. 

Another method for ensuring email communication is accomplished by digitally 
fingerprinting. In this manner, an email document can be electronically assessed to be 
the original within a statistical tolerance; however, the exact original is not reproduced. 
A company, located at www.rpost.com provides a patent pending email authentication 
service that does not require extraneous software. The Rpost service provides a digital 

Q fingerprint of the original, contained within a digital email receipt. The receipt can later 
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£ be assessed by Rpost for authentication. Rpost makes no claim for reproduction of the 

if! exact original email and attachment(s). 
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M Summary of the Invention 

Q This invention relates to a method of authenticating, via an authentication service, 

3 the contents of an e-document (i.e., e-mail with or without attachments) sent by an 

originator to at least one addressee. The method includes the steps of: sending, via e- 
mail, the e-document to the addressee; sending, via e-mail, a copy of the e-document to 
the authentication service; encrypting the copy of the e-document by the authentication 
service; and sending, via e-mail, the encrypted e-document to the originator and any 
addressee identified by the originator. During the steps of encrypting and sending by the 
authentication service, no copy of the e-document or the encrypted e-document is 
retained by the authentication service. Additionally, no information on the e-document 
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or the encrypted e-document is retained by the authentication service. Thus, for 
subsequent authentication, the encrypted copy must be saved by one or more of the 
originator and any identified addressee. With at least one encrypted copy saved, the 
method further includes the steps of: sending, via e-mail, the encrypted e-document to the 
authentication service; decrypting the encrypted e-document; and sending, via e-mail, the 
decrypted document to both the originator (of the encrypted e-document) and any 
identified addressee. Again, no copies are retained by the authentication service. Prior to 
decrypting, the authentication service determines whether the encrypted e-document as 
received from the originator (or an addressee) has been modified. Decrypting only takes 
place if the encrypted e-document has not been modified. Finally, if the encrypted e- 
document has been modified, the process includes the step of notifying the originator (of 
the encrypted e-document) and any identified addressee that the encrypted e-document as 
received by the authenticator has been modified and cannot be decrypted. 

Brief Description of the Drawings 

Figure 1 is a diagramitical representation of the process of originating and 
creating an encrypted copy of an original e-document; and 

Figure 2 is a diagramitical representation of the authenticating process (of the 
encrypted copy) of the present invention. 

Description of the Preferred Embodiment 

With reference to Figure 1 the authenticating process of the present invention 
starts with the originator's transmission of an e-document (i.e., e-mail with or without 



attachments) to the intended recipient or recipients via normal e-mail service, with a copy 
sent by e-mail to the authentication service (e.g., eCopyMe.com). Using encryption 
software (e.g., commercially available software for encryption), an encrypted file of the 
original e-document is created. Once encrypted, the encrypted file is sent, again by 
normal e-mail service, to both the originator and any recipient(s), which was identified 
by the originator to the authentication service. No copy of the original e-document or the 
encrypted file is retained by the authentication service. Further, no information on the 
original e-document or the encrypted e-document is retained by the authentication 
service. 

The authenticating process of the present invention is illustrated in Figure 2. To 
initiate this process, the original sender (or a recipient who has a copy of the encrypted 
file) sends the encrypted file to the authentication service as an attachment to an e-mail. 
A copy of the encrypted file can, at the option of the party originating decrypting, be sent 
to any other party (e.g., originator of the e-document, recipient, third party). Once 
received, the encrypted file is decrypted, by appropriate decryption software, and a copy 
of the original e-document(s) sent to both the party requesting decryption and any third 
party identified to the authentication service by the requesting party. 

According to the present invention, only encrypted files that have not been altered 
are authenticated. If an encrypted file has been altered, the decryption software will 
detect such alteration and the file with the encrypted e-document will not be decrypted. 
Notification of receipt of a file with an altered encrypted e-document will be sent to the 
party that requested decryption and any other party(ies) identified to the authentication 
service on the request to decrypt. 
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Whereas the drawings and accompanying description have shown and described 
the preferred embodiment of the present invention, it should be apparent to those skilled 
in the art that various changes may be made in the form of the invention without 
affecting the scope thereof. 

Conclusions, ramifications, and scope 

The process, which is the scope of this patent application, is a novel utility process for 
authenticating email documents by encrypting/processing the original(s) and 
subsequently decrypting/reprocessing and reproducing the exact original(s) for 
discrepancy resolution between the sender and recipients). Both the sender and 
recipient(s) can be mutually assured that their encrypted/processed "authentication file " 
sent from the authentication service, will not be altered so that the exact original(s) can 
be reproduced to legitimize any email agreement or transaction based on the original e- 
document(s). 

The purpose for encrypting the original(s) is for transforming them into an 
encrypted/processed file where the contents are opaque (unrecognizable) to both the 
sender and recipient(s). The encryption, or processing, complicates the task of altering 
the original(s); therefore, the sender and recipients) confidence is improved when 
conducting an email agreement or transaction. 



Another advantage of the process of this patent application is that the sender and 
recipient(s) can utilize this process without using any software other than what they are 
currently using to communicate electronically. 

Both the sender and receiver can also be mutually assured that the authentication service, 
that provides the encryption/processing process of this patent application, retains no data 
and is a "pass-through" service. 



